Social Media Security For Business Accounts

Why Is Social Media Security Important?

In today’s business space, it’s very rare for an organization to not have some sort of social media presence online. With every platform that a business engages in, the more at risk they are to security threats.

It’s important to take the necessary precautions and steps to ensure your business accounts are as secure as possible.

This blog goes through:

• Common Security Risks + Mitigation Tactics
• How To Enable Two-Factor Authentication Across Platforms

Common Security Risks + Mitigation Tactics

Unused Accounts

You may have reserved certain usernames across different platforms for brand consistency, but they aren’t yet being utilized.

It’s important to monitor these accounts regularly to maintain security and so that if hackers were to gain access, you’d be able to mitigate them as quickly as possible. The worst-case scenario is that hackers post spam that’s harmful to your followers or inappropriate content under your account damaging your business’ reputation.

Employee Errors

People are people and no one is perfect, so human errors are bound to happen at some point. A recent study found that “employee weakness” was responsible for 20% of cyberattacks.

This can happen simply by clicking on a bad link or downloading a bad file.

Sadly, people with less experience/familiarity with the internet tend to fall victim to these attacks via quizzes where hackers acquire enough information to decipher passwords.

To limit these risks, maintain a current list of who has access and publishing privileges. Check out who has access to your social media management platform and social account login information. You want to make sure that any former employees have had their access revoked or the account passwords changed altogether.

Phishing Attacks & Fake Promo Scams

The goal of phishing social media scams is to get employees to expose passwords, banking information, or other private information to gain access to your social media accounts.

One of the most common phishing scams hackers use is fronting to have an affiliation with major brands. They offer up an exclusive coupon/discount code that you access via a third-party link that asks for personal information to claim the discount. This information can be used for password reset questions or other security verification methods.

Imposter Accounts

An imposter account happens when hackers create what is essentially a copy of your business’ account that looks like it belongs to your business. There is no business safe from imposter accounts being created. This can happen from someone claiming to be the government to a local bakery - everyone is at risk here.

LinkedIn reported that they identified 21.6 million fake accounts in only 6 months. Of that massive number, over 67 thousand were only identified as fraudulent after other users reported the accounts.

It’s important to act as a community to try to make social media spaces as safe as possible. If you think a post or account is a result of a hacker, be sure to report it.

Privacy Settings

A surprising amount of people and businesses don’t have the proper privacy settings enabled to secure their account(s). Social platforms regularly update their privacy settings and this can impact the overall security of your accounts.

It’s important to keep up with the latest updates and continue to maintain your settings across platforms. Keep an eye out for news of big data breaches or major hacker threats.

Enabling Two-Factor Authentication (2FA)

Off the bat, you want to make sure your passwords are composed of a combination of different letters and numbers, special characters, and capitalization. You essentially want to make it complex and unique to decrease the chances of hackers being able to guess your password.

Beyond these basic password formatting standards. You can add an additional layer of security to your accounts with Two-Factor Authentication (2FA).

What Is 2FA?

Two-Factor Authentication is an added line of defense against hackers. 2FA uses two different types of identification to log into an account.

There are three types of authentication:

• Something you know (ie. your password)
• Something you have (ie. a smartphone that can provide a generated code)
• Something you are (ie. a fingerprint, Face ID)

Any combination of these provides you with a higher level of security than if you just had a single factor of authentication (ie. just a password).

How To Set Up 2FA On Social Media Platforms (Via Desktop)

Twitter

1. Log into Twitter and go to More.
2. Click on Settings & Privacy.
3. In Security and account access, click on Security.
4. Next, click Two-factor authentication and select one of the following secondary security options:
5. Once you make your selection, you’ll be prompted to re-enter your password.
6. Follow the instructions for your selected 2FA method.
7. Test that it works.

Facebook

1. Log into Facebook and click on your profile photo in the top-right corner.
2. Click on Settings & privacy, followed by Settings.
3. On the left side of the screen, click Security and login.
4. Navigate to the Two-factor authentication section and click Edit next to Use two-factor authentication.
5. Re-enter your password to continue.
6. Next, click Two-factor authentication and select one of the following secondary security options:
• Text message (SMS): You'll receive a login code via text message (SMS).
• Authentication app: You'll receive a login code via an authentication app.
• Security key: You'll be asked to use your key for verification.
• Recovery codes: Use recovery codes to log in if you lose your phone or can’t receive a verification code via text message or an authentication app.
7. Follow the instructions for your selected 2FA method.
8. Test that it works.

LinkedIn

1. Log into Facebook and click on your profile photo in the top-right corner.
2. Click on Settings & privacy.
3. On the left side of the screen, click Sign in & security, followed by Two-step verification.
4. Click the Set up button.
5. Next, click Two-factor authentication and select one of the following secondary security options:
• Authenticator App
• Phone Number (SMS)
6. Follow the instructions for your selected 2FA method.
7. Test that it works.

Instagram

1. Log into Instagram and click on your profile photo in the top-right corner.
2. Click on Settings.
3. On the left side of the screen, click Privacy & security.
4. Scroll down to find Two-Factor Authentication and click Edit Two-Factor Authentication Setting.
5. Select one of the following secondary security options:
• Text Message: We'll send a code to ********.
• Authentication App: You'll get a code from your security app.
6. Follow the instructions for your selected 2FA method.
7. Test that it works.

TikTok

2FA can’t be enabled via desktop and can only be enabled via the mobile app.

1. Log into Tiktok via the mobile app.
2. Tap Profile.
3. Tap the hamburger menu button in the top-right corner of the screen.
4. Tap Security and privacy, followed by Security and login.
5. Choose 2-step verification.
6. Select two of the following options:
• SMS: A verification code will be sent to you via SMS when you log in.
• Email: A verification code will be sent to your email when you log in.
• Password: Enter a password when you log in. If you forget this password on an untrusted device, you can only recover it if you have both a phone number and email linked to your account.
7. Follow the instructions for your two selected 2FA methods.
8. Test that it works.

In Summary

Make sure that you take proper precautions when managing your business's social media accounts and ensure that 2FA is always enabled to reduce the likelihood of one or many of your accounts being compromised or hacked.

If you have any questions about Social Media Security please reach out on Twitter or LinkedIn!